This sounds like an option, I found a patch :
http://www.qmail.org/tcpserver-0.80.patch and was under the impression that this does
just that. However I can't get it to work. Is this the right patch or am I confused
here?
Bart
-----Original Message-----
From: Evan Champion [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 06, 1999 2:53 PM
To: Chris Johnson; Bart van Kaathoven (DSN)
Cc: 'qmail maillist'
Subject: Re: tcpserver control on domain name
> If someone controlled the reverse mapping for a range of IP addresses and
knew
> your domain name, he could make one of his addresses reverse map to a name
in
> your domain and gain access you don't want him to have.
You can compare the forwards and reverse nameservice to make sure that they
are both the same IP/hostname. Ie: the name returned from the reverse
nameservice lookup must have 1 A record that maps to the incoming IP address
(this is equivalent to tcpserver's paranoid mode).
Evan
